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Claim 1 (previously presented): 

A method for extending and grouping actions and permissions for authorization of a 
requesting user to access or use a requested protected system resource in a computer 
system, said method comprising the steps of: 

providing in a computer readable medium an access control policy associated 
with said requested protected system resource containing a permission list of permitted 
identities and at least one action group tag with associated action indicators; 

reusing a finite quantity of action indicators among a plurality of action group 
tags to control a number of unique permissions less than or equal to the product of the 
quantity of allowable action indicators and a quantity of allowable action group tags; 

evaluating said permission list according to a specific permission definition 
associated with said action group tag, said permission definition providing a correlation 
between permissible actions and members of a set of action indicators; and 

granting to a requesting computer or program authorization to perform actions on 
said requested protected system resource to said requesting user if said access control 
policy permission list includes an appropriate action indicator correlated to an action 
group tag. 

Claim 2 (original): 

The method as set forth in Claim 1 further comprising providing in an access control 
policy permission list a plurality of action group tags, each action group tag having one 
or more associated action indicators, such that resultant granting of authorization to act 
on said requested protected object is completed if the requested action is allowed by any 
of the associated action indicators of any of the action groups. 
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Claim 3 (previously presented): 

The method as set forth in Claim 1 wherein said requested protected system resource 
comprises a computer file sent to a local computer from a remote computer over a 
computer network: 

Claim 4 (currently amended): 

A method for managing permission indicators for computer system protected objects 
comprising the steps of: 

providing in a computer readable medium a plurality of permission indicator 
containers in an access control list; 

associating a first set of permission indicators with a primary permission indicator 
container; [[and]] 

associating in a computer readable medium accessible by an authorization control 
system one or more additional sets of permission indicators with additional permission 
indicator containers, wherein said permission indicators are reused among said containers 
such that permission indicators may be categorized and grouped logically to control a 
number of unique permissions less than or equal to the product of a quantity of allowable 
action indicators and a quantity of allowable action group tags ; and 

granting authorization to a requesting computer or program to perform actions on 
said requested protected system resource according to said permission indicators in said 
permission indicator containers . . 

Claim 5 (original): 

The method as set forth in Claim 4 wherein said step of providing a first set of permission 
indicators comprises providing at least one other (additional) permission indicator set 
having equivalent permission indicators to said first set such that permission indicators 
may be assigned unique permissive control according to a permission indicator container 
with which they are associated. 
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Claim 6 (original): 

The method as set forth in Claim 5 wherein said step of providing an equivalent set of 
permission indicators comprises providing the characters "a" through "z" and "A" 
through "Z" as permission indicators. 

Claim 7 (previously presented): 

The method as set forth in Claim 4 further comprising associating an action group tag 
with a permission indicator container. 

Claim 8 (previously presented): 

The method as set forth in Claim 7 further comprising the step of providing an action 
group tag with an associated list of permission indicators in an access control list 
entry. 



Claims 9-24 (cancelled). 



